IN THE CLAIMS: 



Please amend the claims as follows: 

1 . (Currently Amended) A method of operating an access device comprising: 

receiving a packet at an access device deployed in a first network; 

automatically identifying a switch server in a second network, where the switch server is 
associated with an identifier obtained from the packet; and 

forwarding the packet to the switch server in the second network so that the switch server can 
release the packet in the second network without releasing the packet in the first network. 

2. (Original) The method of claim 1 wherein the packet is a layer two frame. 

3. (Original) The method of claim 2 wherein the packet is received from a user device with 
layer two connectivity with the access device. 

4. (Original) The method of claim 3 where the first network is a remote network and the second 
network is a home network for a user of the user device. 

5. (Original) The method of claim 3 wherein the identifier comprises a media access control 
address associated with the user device. 

6. (Original) The method of claim 3 wherein the identifier comprises a media access control 
address associated with the user device and a cryptographic key identifier. 

7. (Original) The method of claim 3 wherein the identifier comprises a network layer address. 

8. (Original) The method of claim 1 wherein the packet is forwarded using a communication 
channel established across a public data network between the access device in the first network 
and the switch server in the second network. 
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9. (Original) The method of claim 8 where communication channels are established between the 
access device in the first network and a plurality of switch servers in different networks 
dynamically based on which users have established connectivity with the access device. 

10. (Original) The method of claim 8 where communication channels are dynamically established 
between access devices and switch servers which have no prior knowledge of each other. 

1 1 . (Original) The method of claim 4 in which the user device connects in a same manner as it 
connects to the home network, 

12. (Original) The method of claim 4 where the remote network does not need to allocate an IP 
address for the user device. 

13. (Original) The method of claim 4 where the remote network is not involved in perforating user 
authentication and access control. 

14. (Original) The method of claim 1 wherein the switch server is identified by performing a 
lookup request using the identifier obtained from the packet. 

15. (Original) A system for remote access to a home network from a remote network, 
comprising: one or more switch servers, each switch server deployed in a home network 
associated with one or more users; and 

an access device for deployment in a remote network and providing connectivity for user 
devices, such that packets arriving at the access device from a user are forwarded to the switch 
server in the home network associated with the user and released into the home network 
without releasing the packets into the remote network. 

16. (Original) The system of claim 15 wherein the packets are layer two frames. 

17. (Original) The system of claim 16 wherein the access device establishes communication 
channels to switch servers dynamically based on which users have established 
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connectivity with the access device. 

18. (Original) The system of claim 15 wherein the access device selects which switch server to 
forward a packet based on an identifier obtained from the packet, where the identifier is associated 
with one of the switch servers. 

19. (Original) The system of claim 15 wherein multiple user devices having connectivity to 
the access device may be connected to different home networks and where the user devices 
connect in a same manner as they connect to their respective home networks. 

20. (Currently Amended) An access device comprising: 

a network interface for establishing connectivity with one or more user devices; 
a packet analysis module capable of obtaining an identifier from a packet received from the 
network interface and identifying a switch server in a second network associated with the identifier; 
and 

means for dynamically establishing a communication channel with one or more switch 
servers so that a packet associated with a switch server can be forwarded to the switch server 
and released in the second network without releasing the packet in a local network. 

21. (Original) The access device of claim 20 where the packets are layer two frames. 

22. (Original) The access device of claim 20 in which the user device connects in a same 
manner as it connects to the second network. 

23. (Original) The access device of claim 20 where the network interface provides 
wired connectivity with the user devices. 

24. (Original) The access device of claim 20 where the network interface provides wireless 
connectivity with the user devices. 



25. (Original) The access device of claim 20 where traffic from the user devices are not 
bridged with any nodes in the local network. 

26. (Currently Amended) A switch server-comprising: 

a network interface for connecting to a home network of a user; and 
an access module configured to capabl e of maintaining maintain communication channels with 
one or more access device s over a remote network, and r e c e iving receive p ackets from the an 
access device on behalf of a user devic e, where the packets received from the remote network 
are not released in the remote network, and re l e a si ng release t he packets using the network 
interface into the home network of the user. 

27. (Original) The switch server of claim 26 where the packets are layer two frames. 

28. (Original) The switch server of claim 26 wherein the switch server is responsible for local 
access policy enforcement. 

29. (Original) The switch server of claim 26 further comprising a decryption module for 
decrypting packets from the access device. 

30. (Original) The switch server of claim 26 further comprising a lookup module that responds to 
lookup requests from access devices. 

3 1 . (Currently Amended) A device-readable medium comprising program instructions for causing 
an access device deployed in a first network to perform the steps of 

receiving a packet; 

identifying a switch server in a second network, where the switch server is associated 
with an identifier obtained from the packet; and 

forwarding the packet to the switch server in the second network so mat the switch server can 
release the packet in the second network without releasing the packet in the first network. 
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32. (Original) The device-readable medium of claim 31 wherein the packet is a layer two frame. 

33. (Original) The device-readable medium of claim 3 1 wherein the packet is received from a 
user device with layer two connectivity with die access device. 

34. (Original) The device-readable medium of claim 33 where the first network is a 
remote network and the second network is a home network for a user of the user device. 

35. (Original) The device-readable medium of claim 33 wherein the identifier comprises a 
media access control address associated with the user device. 

36. (Original) The device-readable medium of claim 33 wherein the identifier comprises 
a cryptographic key. 

37. (Original) The device-readable medium of claim 33 wherein die identifier comprises 
a network layer address. 

38. (Original) The device-readable medium of claim 31 wherein the packet is forwarded using 
a communication channel established across a public data network between the access device 
in the first network and the switch server in the second network. 

39. (Original) The device-readable medium of claim 38 where communication channels 
are established between the access device in the first network and a plurality of switch servers 
in different networks dynamically based on which users have established connectivity with 
the access device. 

40. (Original) The device-readable medium of claim 31 wherein the switch server is identified 
by performing a lookup request using the identifier obtained from the patent. 



